19 September 2015

Securing DoD Networks for the 21st Century

Some forty years ago, the U.S. Armed Forces began a revolution in military affairs based largely on the exploitation of information. A series of advances in position location, accurate munitions guidance, multi-spectral surveillance, data fusion and, most importantly, network connectivity resulted in a new type of military. Success in modern war of any character, scale or intensity is increasingly a function of how successful military institutions, insurgents and even terrorist groups are at exploiting, managing, manipulating and countering information networks.

Net-based intelligence and warfare are now being challenged by the exploding field of cyber attack. U.S. adversaries are developing strategies, doctrines, operational art, tactics, techniques, technologies and specialized organizations to conduct cyber espionage and warfare. Given the U.S. military’s dependence on networks, an advantage in the area of network attack could be sufficient to give our enemies a true war-winning advantage.

It is no longer permissible to treat cyber security as an afterthought, an applique or even a cost of doing business. The security of the entire defense enterprise against cyber intrusion must be approached with all the seriousness and investment of resources and personnel that the U.S. military devoted to key areas of national preeminence such as nuclear weapons, electronic warfare, undersea warfare and air dominance. There is no value to investing in the best network technologies if they are vulnerable to attack. Success in future conflicts will go to the side best able to defend their networks from penetration, exploitation and attack.

So, how should the Department of Defense (DoD) proceed to create a 21st Century network security system? First, the Department must think and act strategically. The DoD’s aggregation of endpoints and networks is changing and expanding with the introduction of new users, devices, capabilities and applications. Such a universe of information nodes can only be managed, directed and, ultimately, protected by a comprehensive security architecture supported and even guided by a single management system. Only with a single security architecture defining standards, rules and procedures can comprehensive security be achieved. Modern end-point security requires a centralized management platform, one that provides end-to-end situational awareness, ensures the implementation of security procedures and supports the necessary configuration control.

Establishing an appropriate organizational and management structure for DoD’s networks is only the first step in the process of achieving comprehensive cyber security. Next there must be a strategy that exploits existing capabilities, enhancing them where possible and introducing new security technologies as needed. Cyber security is the quintessential competitive strategy, in which each offensive action produces a corresponding defensive measure which, in turn, propels the offense to renew its search for another avenue of advance. Security must be proactive rather than reactive, imposing costs on the attacker and addressing the entire threat life cycle. It must increasingly turn to automation in order to surveil the entire information enterprise, match the threat’s agility and respond at network speed.

Finally, a comprehensive strategy for network security must leverage the power, inventiveness and agility of the commercial IT industry. Recognizing the pace of innovation in the private sector, DoD must find an alternative model for the acquisition of cyber security capabilities, one that takes advantage of innovation in the private sector to match the speed of the threat.